Story image

Malware in your DNA sequence data? Technically, it’s possible

11 Aug 17

Could hackers exploit your DNA sequence and encode it with malware? A new study from the University of Washington says yes, it’s possible – and may be a look into the future of science security.

A new research paper, called Computer Security, Privacy and DNA Sequencing, looks at how malware creators could potentially take DNA sequencing information, lace it with malware and then infect scientific computers.

Modern DNA sequencing techniques are able to run hundreds of millions of DNA strands at any one time, and the computing power behind those techniques must process, analyse and store those strand sequences.

The research paper, written by Peter Ney, Karl Koscher, Lee Organick, Luis Ceze and Tadayoshi Kohno, says that while it hasn’t yet been a target for adversaries, there is a real change it could happen in future.

Many open source DNA processing programs were written in languages known to have security problems such as C and C++, and the researchers say that security sequencing is not up to scratch when it comes to defending against cyber attackers.

“We stress that our target modified program has a known, and in some sense trivial, vulnerability. We also stress that its environment is in many ways the “best possible” environment for an adversary,” the researchers say in their report.

It is entirely possible to create synthetic DNA strands with malicious computer code. That code could then remotely give full control of the computer to attackers.

Researchers say that some DNA sequencing programs have been developed by specific research communities so it would be difficult for attackers to take advantage of these programs, but theoretically it is possible.

“Although used broadly by biology researchers, many of these programs are written by small research groups and thus have likely not been subjected to serious adversarial pressure. We therefore hypothesize that the rate of serious vulnerabilities will be higher here than in more mature software (e.g., Internet services).”

Researchers also say that as DNA sequencing becomes cheaper, it also brings more opportunities for attackers. Wet labs as a service, in which non-experts can use lab techniques, could also increase the possibility of attack. Finally storing DNA sequence data in cloud services also poses risks.

However, the researchers say that there’s no reason for concern – yet.

“We again stress that there is no cause for people to be alarmed today, but we also encourage the DNA sequencing community to proactively address computer security risks before any adversaries manifest. That said, it is time to improve the state of DNA security,” a statement concludes.

49 inches: Samsung's latest gaming monitor steps up to Dual QHD
Samsung’s gaming monitors will have a few extra inches around the waist this year.
Jobs 'aplenty' for freelance writers, devs & ecommerce specialists?
Jobs tagged with the keyword ‘writing’ took the top spot as the fastest moving job in 2018.
Updated: Chch crypto-exchange Cryptopia suffers breach
Cryptopia has reportedly experienced a security breach that has taken the entire platform offline – and resulted in ‘significant losses’.
iPhone XS Max costs average Kiwi 11.6 work days – world comparison
A new study has compared how long it will take the average worker in 42 countries to purchase Apple's newest iPhone - NZ doesn't do too bad.
Chorus reckons Kiwis have an insatiable appetite for data
New Zealanders love the internet – and we love Fortnite even more.
Hands-on review: XANOVA Juturna-U gaming headset
Despite my first impressions on the quality of the headset, I was disappointed with both of the auxiliary cables provided, which felt cheap and would cut out, almost as if they were already frayed.
Audioengine’s Wireless A5+ are just bloody good speakers
I judge these speakers on the aspects that Audioengine boasts about - quality, streaming, simplicity and versatility
Hands-on review: The Ekster Wallet protects your cards against RFID attacks
For some time now, I’ve been protecting my credit cards with tinfoil. The tinfoil hat does attract a lot of comments, but thanks to Ekster, those days are now happily behind me.